SQL Injection Vulnerability in Symantec Web Gateway Management Console
CVE-2014-1651

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 18 June 2014

What is CVE-2014-1651?

A SQL injection vulnerability exists in the management console of Symantec Web Gateway versions prior to 5.2. This flaw permits remote attackers to exploit unspecified vectors and execute arbitrary SQL commands, potentially compromising the integrity of the database and exposing sensitive information.

References

http://www.securitytracker.com/id/1030443

vdb-entryx_refsource_SECTRACK

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2014
Vulnerability Reserved
Jan 23, 2014